URLhaus Database

You are currently viewing the URLhaus database entry for http://bmh-global.myfirewall.org/NOTEPAD.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 3679158
URL: http://bmh-global.myfirewall.org/NOTEPAD.exe
URL Status: Online (spreading malware for 1 month, 7 days, 18 hours, 8 minutes)
Host: bmh-global.myfirewall.org
Date added: 2025-10-16 05:38:33 UTC
Threat: Malware download
URLhaus blocklist: Blocked
Spamhaus DBL: Abused domain (malware)
SURBL: Blocked
Quad9: Blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Blocked
DNS4EU: Blocked
Reporter: johnk3r
Abuse complaint sent: Yes (2025-11-03 16:53:13 UTC to abuse{at}lanedo[dot]net)
Tags: a310Logger, DarkTortilla, RemcosRAT

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
